Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
File:                     326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa (raw, json)
Hash identifier:          5dYccFl5BiUIrgF0hxa15dU6THMEPtqyo8QM0o5wC+k=
Subject key identifier:   A5:13:26:AD:9B:5C:95:A7:52:C7:58:8D:DA:FF:77:40:99:BC:DC:DF
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       7183647DEF3E2AA869DC3B0A84F2117456F641C0
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
Signing time:             Wed 19 Jul 2023 13:30:11 +0000
ROA not before:           Wed 19 Jul 2023 13:25:11 +0000
ROA not after:            Wed 17 Jul 2024 13:30:11 +0000
asID:                     208421
IP address blocks:        2a11:29c0:3df6::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:83:64:7d:ef:3e:2a:a8:69:dc:3b:0a:84:f2:11:74:56:f6:41:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:11 2023 GMT
            Not After : Jul 17 13:30:11 2024 GMT
        Subject: CN=A51326AD9B5C95A752C7588DDAFF774099BCDCDF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b1:64:3d:e5:a9:e0:a0:c2:d9:65:18:d4:45:
                    f4:c8:79:d5:e4:11:b9:0d:c3:8c:b5:f4:73:4e:9f:
                    bb:04:9f:fc:26:5e:93:1e:7a:f6:31:25:28:c9:d8:
                    4d:cb:df:b8:7a:21:e5:4a:59:24:03:b1:a9:09:33:
                    85:28:6f:88:d0:1d:de:2d:73:9d:d2:45:b2:f9:c9:
                    bc:d7:82:ef:da:d4:98:ab:ae:26:92:6d:43:45:7b:
                    37:b7:11:5e:69:c7:ec:07:41:94:77:e1:67:54:18:
                    bf:f2:8c:c2:3f:39:ef:c6:b1:a4:07:a2:cf:88:bb:
                    31:b0:69:fd:6d:a1:6f:6e:8c:e7:f4:89:bd:d3:f1:
                    4c:60:01:df:ea:2e:78:57:f6:5f:cb:e6:e5:0b:17:
                    6a:71:12:92:ec:14:9f:47:1a:1f:71:90:70:d3:d8:
                    d7:d7:70:28:8a:43:a8:30:c6:2f:a9:3d:a4:4f:80:
                    d5:11:09:49:d5:a6:62:4b:2e:83:37:0c:59:bb:a2:
                    c0:36:1c:4b:19:03:27:a8:af:98:6f:a2:ed:cd:4c:
                    7c:df:30:84:95:66:ea:3f:29:f6:e2:1c:99:18:39:
                    a1:78:5f:1b:37:a0:e4:3f:e2:f8:48:a8:5b:9f:fc:
                    3a:5f:68:37:03:df:c3:94:4c:d8:6c:18:ef:87:07:
                    bf:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:13:26:AD:9B:5C:95:A7:52:C7:58:8D:DA:FF:77:40:99:BC:DC:DF
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3df6::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:5a:80:30:41:84:16:d3:25:e0:be:66:24:33:00:2d:80:7a:
         f7:7b:f7:77:18:37:3d:87:e8:7e:d7:89:c7:f1:ce:86:1e:cb:
         39:35:38:4a:58:46:aa:25:9d:0f:22:8f:ab:15:82:4f:24:67:
         07:ff:16:ac:e8:e5:ce:2e:12:0d:91:a7:08:c0:56:92:2b:6d:
         9e:6d:6a:aa:8f:f7:7d:60:7e:99:40:0f:38:2a:b7:a0:f7:58:
         cd:07:5a:56:15:4f:cb:26:1c:89:81:98:40:00:19:09:40:ee:
         48:c1:90:07:69:e0:fe:d8:5d:b6:72:38:02:a1:50:be:4b:f0:
         7b:41:cf:2f:26:80:7a:07:e6:48:81:eb:6a:51:07:dc:98:ac:
         6b:38:1d:dc:a3:d6:93:a2:7c:f2:a0:34:2f:8f:75:7c:45:48:
         93:2d:fe:d6:5c:6b:f9:b1:5d:02:5b:f5:77:f2:4c:b7:2c:88:
         a1:e8:60:18:a0:f9:32:e0:69:8d:a2:e9:9e:b1:b0:8f:36:28:
         d4:03:9c:7e:10:18:61:85:da:24:0a:8c:8d:83:86:54:e5:3c:
         8e:d7:f1:cc:e7:fa:d9:cc:eb:34:f7:5f:7f:4a:56:b2:4a:7f:
         45:b3:da:b8:d0:19:82:19:42:e7:34:7e:ef:38:c0:41:85:6d:
         c0:0c:dc:49
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUcYNkfe8+Kqhp3DsKhPIRdFb2QcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MTFaFw0yNDA3MTcxMzMwMTFaMDMxMTAvBgNV
BAMTKEE1MTMyNkFEOUI1Qzk1QTc1MkM3NTg4RERBRkY3NzQwOTlCQ0RDREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6sWQ95angoMLZZRjURfTIedXk
EbkNw4y19HNOn7sEn/wmXpMeevYxJSjJ2E3L37h6IeVKWSQDsakJM4Uob4jQHd4t
c53SRbL5ybzXgu/a1JirriaSbUNFeze3EV5px+wHQZR34WdUGL/yjMI/Oe/GsaQH
os+IuzGwaf1toW9ujOf0ib3T8UxgAd/qLnhX9l/L5uULF2pxEpLsFJ9HGh9xkHDT
2NfXcCiKQ6gwxi+pPaRPgNURCUnVpmJLLoM3DFm7osA2HEsZAyeor5hvou3NTHzf
MISVZuo/KfbiHJkYOaF4Xxs3oOQ/4vhIqFuf/DpfaDcD38OUTNhsGO+HB7/PAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUpRMmrZtcladSx1iN2v93QJm83N8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzIzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99jANBgkqhkiG9w0BAQsFAAOCAQEAY1qAMEGEFtMl4L5m
JDMALYB693v3dxg3PYfofteJx/HOhh7LOTU4SlhGqiWdDyKPqxWCTyRnB/8WrOjl
zi4SDZGnCMBWkittnm1qqo/3fWB+mUAPOCq3oPdYzQdaVhVPyyYciYGYQAAZCUDu
SMGQB2ng/thdtnI4AqFQvkvwe0HPLyaAegfmSIHralEH3Jisazgd3KPWk6J88qA0
L491fEVIky3+1lxr+bFdAlv1d/JMtyyIoehgGKD5MuBpjaLpnrGwjzYo1AOcfhAY
YYXaJAqMjYOGVOU8jtfxzOf62czrNPdff0pWskp/RbPauNAZghlC5zR+7zjAQYVt
wAzcSQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org